Methods and apparatus for establishing a secure communication channel

ABSTRACT

A method for establishing a secure communication channel between an off-card entity and an embedded Universal Integrated Circuit Card (eUICC) is provided. The method involves establishing symmetric keys that are ephemeral in scope. Specifically, an off-card entity, and each eUICC in a set of eUICCs managed by the off-card entity, possess long-term Public Key Infrastructure (PKI) information. When a secure communication channel is to be established between the off-card entity and an eUICC, the eUICC and the off-card entity can authenticate one another in accordance with the respectively-possessed PKI information (e.g., verifying public keys). After authentication, the off-card entity and the eUICC establish a shared session-based symmetric key for implementing the secure communication channel. Specifically, the shared session-based symmetric key is generated according to whether perfect or half forward security is desired. Once the shared session-based symmetric key is established, the off-card entity and the eUICC can securely communicate information.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.15/630,710, entitled “METHODS AND APPARATUS FOR ESTABLISHING A SECURECOMMUNICATION CHANNEL,” filed on Jun. 22, 2017, set to issue as U.S.Pat. No. 9,930,035 on Mar. 27, 2018, which is a continuation of U.S.patent application Ser. No. 14/789,905 entitled “METHODS AND APPARATUSFOR ESTABLISHING A SECURE COMMUNICATION CHANNEL,” filed on Jul. 1, 2015issued as U.S. Pat. No. 9,722,975 on Aug. 1, 2017, which claims thebenefit of U.S. Provisional Application No. 62/020,953, entitled“METHODS AND APPARATUS FOR ESTABLISHING A SECURE COMMUNICATION CHANNEL,”filed Jul. 3, 2014 and U.S. Provisional Application No. 62/021,628,entitled “METHODS AND APPARATUS FOR ESTABLISHING A SECURE COMMUNICATIONCHANNEL,” filed Jul. 7, 2014, the contents of which are incorporated byreference herein in their entirety for all purposes.

FIELD

The described embodiments relate generally to wireless communicationstechnology. More particularly, the present embodiments relate toelectronic Subscriber Identity Module (eSIM) provisioning using a securecommunication channel.

BACKGROUND

Wireless communication devices, such as smart phones, have traditionallybeen configured to utilize Universal Integrated Circuit Cards (UICCs)that provide access to wireless network services. A UICC typically takesthe form of a small removable card (e.g., a Subscriber Identity Module(SIM) card) that is inserted into a wireless communication device. Inmost cases, each UICC is associated with a single “Issuer”—such as amobile network operator—that controls the programming and distributionof the UICC.

In more recent implementations, non-removable UICCs—referred to hereinas embedded UICCs (eUICCs)—are being included on system boards ofwireless communication devices. These eUICCs are distinct from thetraditional removable UICCs in that the eUICCs are non-removable andsoldered to the system boards of wireless communication devices. AneUICC can be programmed with one or more eSIMs, each of which canemulate and replicate the architecture of a typical SIM so as to enablea wireless communication device (that includes the eUICC) to accesswireless network services.

The use of eUICCs and eSIMs can offer significant advantages overtraditional UICCs. For example, eUICCs can provide wirelesscommunication device manufacturers with increased flexibility inwireless communication device design due to the lack of a requirement toaccommodate the size and form factor of a removable SIM card. As afurther example, the ability to remotely provision (e.g., over-the-air)eSIMs can provide convenience for consumers and vendors when configuringa wireless communication device to access a mobile network operator'snetwork.

Existing approaches for provisioning eSIMs—such as those specified bythe GlobalPlatform™ Specification—involve encrypting the eSIMs usingsymmetric keys and transmitting the eSIMs from a provisioning entity toeUICCs of wireless communication devices. Specifically, each eUICC isassociated with and stores a symmetric key, and the provisioning entitystores, for each eUICC known to the provisioning entity, a copy of theeUICC's symmetric key. In this manner, when the provisioning entity istasked with delivering an eSIM to an eUICC, the provisioning entity canuse the eUICC's symmetric key to securely encrypt and transmit the eSIMto the eUICC, whereupon the eUICC can decrypt and utilize the eSIM. Bydesign, this symmetric key is shared by and known only to theprovisioning entity and the eUICC in order to prevent malicious entitiesfrom intercepting, decrypting, and exploiting eSIM transmissions.Unfortunately, security flaws associated with this design continue to beproblematic, and the overall level of exposure is increasing as thescale and complexity of wireless systems grow. As such, there exists aneed for solutions that provide for increased security for communicationchannels established between an eUICC and external “off-card” entities.

SUMMARY

Some example embodiments provide methods, apparatuses, and computerprogram products for establishing a secure communication channel betweenan “off-card” entity (e.g., a provisioning entity) and an eUICC.Specifically, the example embodiments set forth techniques that involveestablishing symmetric keys that are ephemeral (i.e., session-based) inscope. Specifically, an off-card entity, and each eUICC in a set ofeUICCs managed by the off-card entity, possess long-term Public KeyInfrastructure (PKI) information. When a secure communication channel isto be established between the off-card entity and an eUICC, the eUICCand the off-card entity can authenticate one another in accordance withthe respectively-possessed PKI information (e.g., by verifying publickeys). After authenticating one another, the off-card entity and theeUICC carry out steps that involve establishing a session-basedsymmetric key for securing data transmitted between the off-card entityand the eUICC. When “perfect forward security” is desired, each of theoff-card entity and the eUICC generate respective ephemeral PKIinformation used by one another to establish a shared session-basedsymmetric key. When “half forward security” is desired, only theoff-card entity generates ephemeral PKI information when establishingthe shared session-based symmetric key, which can provide performancebenefits. Once the shared session-based symmetric key is established,the off-card entity and the eUICC can securely communicate informationbetween one another. In some embodiments, the shared session-basedsymmetric key can be cached by the off-card entity and the eUICC toreduce the overhead involved when establishing secure connections atsubsequent times. Alternatively, the shared session-based symmetric keycan be discarded each time the secure connection between the off-cardentity and the eUICC is closed, thereby providing a higher level ofsecurity.

This Summary is provided merely for purposes of summarizing some exampleembodiments so as to provide a basic understanding of some aspects ofthe disclosure. Accordingly, it will be appreciated that the abovedescribed example embodiments are merely examples and should not beconstrued to narrow the scope or spirit of the disclosure in any way.Other embodiments, aspects, and advantages will become apparent from thefollowing detailed description taken in conjunction with theaccompanying drawings, which illustrate, by way of example, theprinciples of the described embodiments.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure will be readily understood by the following detaileddescription in conjunction with the accompanying drawings, wherein likereference numerals designate like structural elements, and in which:

FIG. 1 illustrates an example system for eSIM provisioning in accordancewith some example embodiments.

FIG. 2 illustrates a block diagram of an apparatus that can beimplemented on a provisioning entity in accordance with some exampleembodiments.

FIG. 3 illustrates a block diagram of an apparatus that can beimplemented on a wireless communication device in accordance with someexample embodiments.

FIGS. 4A-4B illustrate example methods for establishing a secure sessionbetween a provisioning entity and an eUICC of a communication device,according to some embodiments.

FIGS. 5A-5B illustrate example methods for establishing perfect forwardsecurity or half forward security, according to some embodiments.

DETAILED DESCRIPTION

Reference will now be made in detail to representative embodimentsillustrated in the accompanying drawings. It should be understood thatthe following descriptions are not intended to limit the embodiments toone preferred embodiment. To the contrary, it is intended to coveralternatives, modifications, and equivalents as can be included withinthe spirit and scope of the described embodiments as defined by theappended claims.

Existing approaches for establishing secure communications betweeneUICCs and an “off-card” entity (also referred to herein as a“provisioning entity”) rely on pre-established, long-term symmetric keysbeing possessed by the off-card entity and the eUICCs. For example, theGlobalPlatform™ Specification, Version 1.0 of the Security Upgrade forCard Content Management Card Specification version 2.2—Amendment E fromNovember 2011, the contents of which are incorporated herein byreference in their entirety for all purposes, specifies that symmetrickeys associated with eUICCs are maintained by the off-card entity thatis positioned to carry out management tasks in conjunction with theeUICCs (e.g., provisioning new eSIMs to eUICCs, updating existing eSIMsat eUICCs, removing eSIMs from eUICCs, and the like). Specifically, toestablish a secure communication channel between an off-card entity andan eUICC, the off-card entity identifies the eUICC, retrieves (e.g.,from a local database) a symmetric key associated with the eUICC, andutilizes the symmetric key to encrypt data that is transmitted to theeUICC. Because, like the off-card entity, the eUICC possesses thesymmetric key as well, the eUICC can successfully decrypt data that isreceived from the off-card entity, and can also encrypt data that istransmitted back to the off-card entity.

Unfortunately, many security flaws continue to compromise the overallintegrity of the foregoing approach. One issue is that the off-cardentity is required to store the symmetric key of each eUICC that theoff-card entity is positioned to manage. This can present challengeswith respect to efficiently (i.e., quickly) retrieving symmetric keyswhen eUICCs require management. Also, storing a collection of symmetrickeys creates vulnerability as each symmetric key is stored in at leasttwo locations (i.e., by the off-card entity and by an eUICC). Moreover,the amount of vulnerability scales with the level of backup that isbeing implemented. This can be problematic, for example, when heavilyredundant databases are used to store the symmetric keys. Another issueis that when an eUICC is manufactured it is unclear how or by whom theeUICC will be utilized (e.g., which mobile network operator will bemanaging the eUICC). Consequently, as shifts occur between themanagement and/or ownership of eUICCs, large sets of symmetric keys needto be migrated between off-card entities, which drastically increasesexposure levels. Yet another issue is that the complexity of symmetrickeys is being increased to make it difficult for malicious parties toexpose (e.g., derive) symmetric keys. As this complexity increases, thecomputing resources required to implement secure communications usingthe symmetric keys increase as well, which can be detrimental to theoverall performance of computing devices that have limited processingand power resources available (e.g., mobile devices). Finally, yetanother issue is that considerable “forward” security risks areassociated with the existing symmetric key approach. Specifically, if amalicious party obtains a symmetric key, then the malicious party canutilize the symmetric key to potentially access available communicationdata (e.g., previous conversations) that were secured using thesymmetric key.

Some example embodiments disclosed herein address the foregoing issuesby implementing secure communications between off-card entities andeUICCs by establishing symmetric keys that are ephemeral (i.e.,session-based) in scope. An off-card entity that is configured to managea set of eUICCs possesses long-term Public Key Infrastructure (PKI)information, which can include a pair consisting of a public key(PK_(server)) and private (i.e., secret) key (SK_(server)). When asecure communication channel is to be established between the off-cardentity and an eUICC, the eUICC can authenticate the off-card entity inaccordance with at least a portion of the PKI information possessed bythe off-card entity (e.g., by verifying a Certificate Authority (CA)whose digital signature is included in the public key (PK_(server))possessed by the off-card entity). Similarly, the eUICC possesses itsown long-term PKI information, which can include a pair consisting of apublic key (PK_(eUICC)) and private key (SK_(eUICC)). The off-cardentity can authenticate the eUICC in accordance with at least a portionof the long-term PKI information possessed by the eUICC (e.g., byverifying a CA whose digital signature is included in the public key(PK_(eUICC)) possessed by the eUICC). It is noted that in someembodiments a Certificate Authority is not required to carry out theforegoing authentication. Instead, self-signed certificates can beimplemented, with the understanding that the root keysets on which thesignatures are based are trusted by the off-card entity as well as theeUICCs. After authenticating one another, the off-card entity and theeUICC carry out steps that involve establishing a session-basedsymmetric key for securing data transmitted between the off-card entityand the eUICC. Here, two different approaches can be used, depending onwhether “perfect forward security” or “half forward security” isdesired.

When perfect forward security is desired, each of the off-card entityand the eUICC generate respective ephemeral PKI information.Specifically, the off-card entity generates an ephemeral public key(ePK_(server)) and a corresponding ephemeral private (i.e., secret) key(eSK_(server)), signs the ePK_(server) using the long-term private key(SK_(server)) associated with the off-card entity, and provides thesigned ePK_(server) to the eUICC. Similarly, the eUICC generates anephemeral public key (ePK_(eUICC)) and a corresponding ephemeral privatekey (eSK_(eUICC)), signs the ePK_(eUICC) using the long-term private key(SK_(eUICC)) associated with the eUICC, and provides the signedePK_(eUICC) to the off-card entity. Subsequently, the off-card entityuses the eSK_(server) and the signed ePK_(eUICC) to generate asession-based (i.e., ephemeral) key, and the eUICC uses the eSK_(eUICC)and the signed ePK_(server) to generate an equivalent session-basedsymmetric key. This session-based symmetric key, independently generatedby and now available to both the off-card entity and the eUICC, can beused by the off-card entity and the eUICC to secure communications thatare transmitted between the off-card entity and the eUICC until thesession is closed. It is noted that the dual-usage of separate ephemeralPKI information at the off-card entity and at the eUICC provides thebenefit of helping to prevent “man in the middle” attacks. Moreover, thedual-usage of separate ephemeral PKI information makes it difficult formalicious parties to access previous communications associated with theeUICC even when the long-term PKI information associated with theoff-card entity and/or eUICC is compromised.

When half forward security is desired, only the off-card entitygenerates ephemeral PKI information. Specifically, the off-card entitygenerates an ephemeral public key (ePK_(server)) and a correspondingephemeral private (i.e., secret) key (eSK_(server)), signs the ephemeralpublic key ePK_(server) using the long-term private key (SK_(server))associated with the off-card entity, and provides the signedePK_(server) to the eUICC. The eUICC provides its public key PK_(eUICC)to the off-card entity. Subsequently, the off-card entity uses theephemeral secret key eSK_(server) and the provided public key PK_(eUICC)to generate a session-based (i.e., ephemeral) key, and the eUICC usesits own secret key SK_(eUICC) and the ePK_(server) to generate anequivalent session-based symmetric key. This session-based symmetrickey, independently generated and now available to both the off-cardentity and the eUICC, can be used to secure communications that aretransmitted between the off-card entity and the eUICC until the sessionis closed. It is noted that, because the half forward security approachdoes not require the eUICC to generate ephemeral PKI information, theamount of overhead processing that is required at the eUICC can bereduced. A drawback, however, is that if the long-term private keypossessed by the eUICC (i.e., SK_(eUICC)) is compromised by a maliciousparty, then the malicious party can potentially access previouscommunications associated with the eUICC using the compromisedSK_(eUICC) key.

Upon establishment of the shared session-based symmetric key, theoff-card entity and the eUICC can securely communicate informationbetween one another. In some embodiments, each of the off-card entityand the eUICC can be configured to cache the shared session-basedsymmetric key to reduce the overhead involved when subsequentlyestablishing secure communication channels. However, to maintain amaximum level of security, each of the off-card entity and the eUICC canbe configured to generate new session-based symmetric keys (using theapproaches set forth herein) each time a secure communication channel isestablished.

The foregoing techniques provide various benefits that are not providedby conventional approaches. One benefit is that the off-card entity andthe eUICC can establish a secure communication channel over an unsecuredconnection, e.g., the Internet. This increases the overall bandwidththat is available, which can be important at peak management times(e.g., with the launch of a new wireless device). Another benefit isthat Certificate Authorities can be utilized to increase the level ofsecurity when the off-card entity and the eUICC authenticate one another(though, as noted above, this is not required). Yet another benefit isthat shared session-based symmetric keys can be cached for subsequentuse, which can help reduce the overhead involved each time the off-cardentity and the eUICC need to securely communicate with one another. Yetanother benefit is that “perfect forward” security and “half forward”security can be implemented, which can increase customer satisfactionwith respect to privacy concerns. Yet another benefit is that, in someembodiments, the ephemeral PKI information is not derived using thelong-term PKI information assigned to the off-card entity and/or theeUICC. Beneficially, this can increase the difficulty involved inderiving the long-term PKI information even when the ephemeral PKIinformation is compromised.

It will be appreciated that a variety of encryption algorithms can beused to carry out the various techniques set forth herein, e.g.,Diffie-Hellman, Elliptic Curve Cryptography (ECC), Rivest/Shamir/Adleman(RSA) asymmetric algorithm, and the like.

These and other embodiments are discussed below with reference to FIGS.1-3, 4A-4B, and 5A-5B. However, those skilled in the art will readilyappreciate that the detailed description given herein with respect tothese Figures is for explanatory purposes only and should not beconstrued as limiting.

FIG. 1 illustrates an example system 100 for eSIM provisioning inaccordance with some example embodiments. The system 100 can include aprovisioning entity 102 and one or more wireless communication devices106, which can communicate over a network 104.

The provisioning entity 102 can be embodied as one or more computingdevices that can be configured to generate and/or provision eSIMs toeUICCs (e.g., eUICC 120) implemented on wireless communication devices106 in accordance with various example embodiments. The provisioningentity 102 can, for example, comprise one or more physical servers, acloud computing infrastructure configured to implement functionality ofthe provisioning entity 102 (e.g., a virtual computing systemimplemented on underlying physical hardware), and/or other serverdevice(s). In embodiments in which functionality of the provisioningentity 102 is provided by multiple physical computing devices, thecomputing devices can be co-located in a common location, or can bedistributed across multiple physical locations and can communicate viathe network 104. The provisioning entity 102 can be hosted/operated byany entity that can maintain and provision a pool of eSIMs, such as byway of non-limiting example, a mobile network operator(s), a devicemanufacturer, a device vendor, or other such entity.

The network 104 can be embodied as any network or combination ofnetworks configured to support communication between two or morecomputing devices, such as provisioning entity 102 and the wirelesscommunication device 106. By way of non-limiting example, the network104 can comprise one or more wireline networks, one or more wirelessnetworks (e.g., a cellular network(s), wireless local area network(s),wireless wide area network(s), wireless metropolitan area network(s),some combination thereof, or the like), or a combination thereof, and insome example embodiments can comprise the Internet.

The wireless communication device 106 can be embodied as any computingdevice that can be configured to access a cellular network. By way ofnon-limiting example, the wireless communication device 106 can beembodied as a cellular phone, such as a smart phone, a tablet computingdevice, a digital media player device, a cellular wireless hotspotdevice, a laptop computer, some combination thereof, or the like. As afurther example, the wireless communication device 106 can be embodiedas a machine-to-machine (M2M) device or the like that can be configuredto access a cellular network.

The wireless communication device 106 can include an eUICC 120, whichcan also be referred to as a “secure element.” In some embodiments, theeUICC 120 can be embedded within (e.g., soldered to) a main system boardof the wireless communication device 106. In some example embodiments,the eUICC 120 can comprise a sandboxed hardware/software environmentthat cannot be directly accessed by external entities, such as a main,or host, operating system (OS) that can be executed on the wirelesscommunication device 106. The eUICC 120 can include processingcircuitry, such as a microprocessor, and a storage device that can worktogether to process commands and carry out various authenticationmechanisms that can be used to enable the wireless communication device106 to access a mobile network operator's network. In this regard, theeUICC 120 can be configured to maintain one or more eSIMs, such as aneSIM that can be provisioned by the provisioning entity 102. The eUICC120 can be configured to use an eSIM installed on the eUICC 120 tofacilitate network authentication for accessing a mobile operator'snetwork.

The wireless communication device 106, and thus an eSIM that can beprovisioned by the provisioning entity 102 and/or installed on the eUICC120 can be configured for accessing networks using any of a variety ofradio access technologies (RATs). By way of non-limiting example, thewireless communication device 106 and/or an eSIM in accordance with someexample embodiments can support a Long Term Evolution (LTE) RAT, such asvarious releases of the LTE standard specified by the Third GenerationPartnership Project (3GPP), including various releases of LTE,LTE-Advanced (LTE-A), and/or other present or future releases using LTEtechnology. As another example, the wireless communication device 106and/or an eSIM in accordance with some example embodiments can support athird generation (3G) cellular RAT, such as Wideband Code DivisionMultiple Access (WCDMA) or other Universal Mobile TelecommunicationsSystem (UMTS) RAT, such as Time Division Synchronous Code DivisionMultiple Access (TD-SCDMA); CDMA2000; 1×RTT; and/or the like. As anotherexample, the wireless communication device 106 and/or an eSIM inaccordance with some example embodiments can support a second generation(2G) cellular RAT, such as a Global System for Mobile Communications(GSM) RAT. It will be appreciated that the foregoing RATs are providedby way of example, and not by way of limitation. In this regard, thewireless communication device 106 and/or an eSIM in accordance with someexample embodiments can be configured to communicate via any present orfuture developed cellular RAT, including, for example, various fifthgeneration (5G) RATs now in development.

As described previously, the provisioning entity 102 can be configuredto provision an eSIM to the eUICC 120 via the network 104. Thisprovisioning can, for example, be accomplished using variousover-the-air (OTA) techniques. Additionally or alternatively, in someexample embodiments, the wireless communication device 106 can beconnected to the network 104 and/or directly to the provisioning entity102 via a wireline connection and an eSIM can be provisioned to theeUICC 120 via the wireline connection. An eSIM provisioned to the eUICC120 can be included in an eSIM package that can be generated andformatted by the provisioning entity 102 in accordance with variousembodiments described further herein below. The eUICC 120 can beconfigured to unpack the eSIM from the eSIM package and install the eSIMon the eUICC 120.

In some example embodiments, the provisioning entity 102 and eUICC 120can be configured to implement and/or otherwise support one or morelogical security layers that can provide security mechanisms for theprovisioning process. For example, the provisioning entity 102 of someexample embodiments can be configured to implement one or more of alevel 1 (L1) entity 110, level 2 (L2) entity 112, and level 3 (L3)entity 114. The eUICC 120 of some example embodiments can locallyimplement logical security layers and/or processes (e.g., L1, L2, andL3) corresponding to the logical security entities of the provisioningentity 102. In accordance with some example embodiments, L1 (e.g., theL1 entity 110 and any corresponding L1 layer/process on the eUICC 120)can provide encryption services; L2 (e.g., the L2 entity 112 and anycorresponding L2 layer/process on the eUICC 120) can provideanti-cloning services; and L3 (e.g., the L3 entity 114 and anycorresponding L3 layer/process on the eUICC 120) can provideauthorization services. In some example embodiments, one or more of theL1 entity 110, L2 entity 112, and L3 entity 114 can be implemented as alogical software entity running on a common physical server or set ofservers. Alternatively, in some example embodiments, individual logicalsecurity entity, such as individual ones of the L1 entity 110, L2 entity112, and L3 entity 114 can be implemented on physical servers that arediscrete from servers implementing another logical security entity.

FIG. 2 illustrates a block diagram of an apparatus 200 that can beimplemented on a provisioning server, such as provisioning entity 102,in accordance with some example embodiments. In this regard, theapparatus 200 can be implemented on any computing device or plurality ofcomputing devices that can collectively be configured to implementfunctionality of the provisioning entity 102. It will therefore beappreciated that one or more of the components illustrated in anddescribed with respect to FIG. 2 can be implemented on a singlecomputing device, or can be distributed across a plurality of computingdevices that may collectively provide functionality of the provisioningentity 102 in accordance with one or more example embodiments. It willadditionally be appreciated that the components, devices or elementsillustrated in and described with respect to FIG. 2 below may not bemandatory and thus some may be omitted in certain embodiments.Additionally, some embodiments can include further or differentcomponents, devices or elements beyond those illustrated in anddescribed with respect to FIG. 2.

In some example embodiments, the apparatus 200 can include processingcircuitry 210 that is configurable to perform actions in accordance withone or more example embodiments disclosed herein. In this regard, theprocessing circuitry 210 can be configured to perform and/or controlperformance of one or more functionalities of a provisioning server,such as provisioning entity 102, in accordance with various exampleembodiments. Thus, the processing circuitry 210 may be configured toperform data processing, application execution and/or other processingand management services that can be implemented for preparing andprovisioning an eSIM according to one or more example embodiments, suchas those illustrated in and described below with respect to FIGS. 4A-4Band 5A-5B.

In some embodiments, the apparatus 200 or a portion(s) or component(s)thereof, such as the processing circuitry 210, can be implemented viaone or more integrated circuits, each of which can include one or morechips. The processing circuitry 210 and/or one or more furthercomponents of the apparatus 200 can therefore, in some instances, beconfigured to implement an embodiment on an integrated circuit (e.g., asa “system on a chip”).

In some example embodiments, the processing circuitry 210 can include aprocessor 212, and, in some embodiments, such as that illustrated inFIG. 2, can further include memory 214. The processing circuitry 210 canbe in communication with or otherwise control a communication interface216 and/or eSIM preparation module 218.

The processor 212 can be embodied in a variety of forms. For example,the processor 212 can be embodied as various hardware-based processingmeans, such as a microprocessor, a coprocessor, a controller or variousother computing or processing devices including integrated circuits suchas, for example, an ASIC (application specific integrated circuit), anFPGA (field programmable gate array), some combination thereof, or thelike. Although illustrated as a single processor, it will be appreciatedthat the processor 212 can comprise a plurality of processors. Theplurality of processors can be in operative communication with eachother and can be collectively configured to perform one or morefunctionalities of the provisioning entity 102. In some embodiments inwhich the apparatus 200 is embodied on a plurality of computing devices,a plurality of processors, which can collectively form the processor212, can be distributed across a plurality of computing devices that canbe in operative communication with each other directly and/or via anetwork, such as the network 104. In some example embodiments, theprocessor 212 can be configured to execute instructions that may bestored in the memory 214 and/or that can be otherwise accessible to theprocessor 212. In this manner, whether configured by hardware or by acombination of hardware and software, the processor 212 can be capableof performing operations according to various embodiments whileconfigured accordingly.

In some example embodiments, the memory 214 can include one or morememory and/or other storage devices. Memory 214 can include fixed and/orremovable memory devices. In embodiments in which the memory 214includes a plurality of memory devices, the plurality of memory devicescan be embodied on a single computing device, or can be distributedacross a plurality of computing devices (e.g., a plurality of computingdevices forming the provisioning entity 102 of some exampleembodiments), which can collectively provide functionality of theapparatus 200. In some embodiments, the memory 214 can comprise anon-transitory computer-readable storage medium that can store computerprogram instructions that can be executed by the processor 212. In thisregard, the memory 214 can be configured to store information, data,applications, instructions and/or the like for enabling the apparatus200 to carry out various functions of the provisioning entity 102 inaccordance with one or more example embodiments. For example, the memory214 of some example embodiments can be configured to store one or moreeSIMs that can be available for provisioning to an eUICC, such as eUICC120. The memory 214 can additionally or alternatively store parametersassociated with various eUICCs, which can be used to facilitatepreparing and packaging an eSIM for provisioning as described furtherherein below. In some embodiments, the memory 214 can be incommunication with one or more of the processor 212, communicationinterface 216, or eSIM preparation module 218 via one or more buses forpassing information among components of the apparatus 200.

The apparatus 200 can further include a communication interface 216. Thecommunication interface 216 can be configured enable the apparatus 200to communicate with another computing device, such as over the network104. In this regard, the communication interface 216 can include one ormore interface mechanisms for enabling communication with other devicesand/or networks. In this manner, the communication interface 216 caninclude, for example, an antenna (or multiple antennas) and supportinghardware and/or software for enabling communications with a wirelesscommunication network (e.g., a cellular network, Wi-Fi, Li-Fi, WLAN,and/or other wireless communication network) and/or a communicationmodem or other hardware/software for supporting communication via cable,digital subscriber line (DSL), USB, FireWire, Ethernet, one or moreoptical transmission technologies, and/or other wireline networkingmethods. Thus, for example, the communication interface 216 can beconfigured to support communication with the wireless communicationdevice 106 and/or eUICC 120 implemented thereon via the network 104 toenable the provisioning entity 102 to participate in an eSIMprovisioning session and provision an eSIM to the eUICC 120.

The apparatus 200 can further include eSIM preparation module 218. TheeSIM preparation module 218 can be embodied as various means, such ascircuitry, hardware, a computer program product comprising a computerreadable medium (for example, the memory 214) storing computer readableprogram instructions executable by a processing device (for example, theprocessor 212), or some combination thereof. In some embodiments, theprocessor 212 (or the processing circuitry 210) can include, orotherwise control the eSIM preparation module 218. The eSIM preparationmodule 218 of some example embodiments can be configured to prepare andprovision an eSIM using PKI information 219 according to one or moreexample embodiments, such as those illustrated in and described belowwith respect to FIGS. 4A-4B and 5A-5B.

FIG. 3 illustrates a block diagram of an apparatus 300 that can beimplemented on a wireless communication device, such as wirelesscommunication device 106, in accordance with some example embodiments.It will be appreciated that the components, devices or elementsillustrated in and described with respect to FIG. 3 below may not bemandatory and thus some may be omitted in certain embodiments.Additionally, some embodiments can include further or differentcomponents, devices or elements beyond those illustrated in anddescribed with respect to FIG. 3.

In some example embodiments, the apparatus 300 can include processingcircuitry 310 that is configurable to perform actions in accordance withone or more example embodiments disclosed herein. In this regard, theprocessing circuitry 310 can be configured to perform and/or controlperformance of one or more functionalities of the apparatus 300 inaccordance with various example embodiments, and thus can provide meansfor performing functionalities of the apparatus 300 in accordance withvarious example embodiments. The processing circuitry 310 can beconfigured to perform data processing, application execution and/orother processing and management services according to one or moreexample embodiments. For example, in some embodiments, the processingcircuitry 310 can be configured to support operation of a main hostoperating system of a wireless communication device.

In some embodiments, the apparatus 300 or a portion(s) or component(s)thereof, such as the processing circuitry 310, can be implemented viaone or more integrated circuits, each of which can include one or morechips. The processing circuitry 310 and/or one or more furthercomponents of the apparatus 300 can therefore, in some instances, beconfigured to implement an embodiment on an integrated circuit (e.g., asa “system on a chip”). In some example embodiments, one or morecomponents of the apparatus 300 can be implemented on a chipset capableof enabling a computing device to access a network, such as wirelessnetwork 104, when implemented on or otherwise operably coupled to thecomputing device. In some such example embodiments, the apparatus 300can include a cellular baseband chipset, which can be configured toenable a computing device, such as wireless communication device 106, tooperate on one or more cellular networks.

In some example embodiments, the processing circuitry 310 can include aprocessor 312 and, in some embodiments, such as that illustrated in FIG.3, can further include memory 314. The processing circuitry 310 can bein communication with or otherwise control the communication interface316 and/or user interface 318.

The processor 312 can be embodied in a variety of forms. For example,the processor 312 can be embodied as various hardware-based processingmeans, such as a microprocessor, a coprocessor, a controller or variousother computing or processing devices including integrated circuits suchas, for example, an ASIC (application specific integrated circuit), anFPGA (field programmable gate array), some combination thereof, or thelike. Although illustrated as a single processor, it will be appreciatedthat the processor 312 can comprise a plurality of processors. Theplurality of processors can be in operative communication with eachother and can be collectively configured to perform one or morefunctionalities of the wireless communication device 106 as describedherein. In some example embodiments, the processor 312 can be configuredto execute instructions that can be stored in the memory 314 or that canbe otherwise accessible to the processor 312. In this manner, whetherconfigured by hardware or by a combination of hardware and software, theprocessor 312 capable of performing operations according to variousembodiments while configured accordingly.

In some example embodiments, the memory 314 can include one or morememory devices. Memory 314 can include fixed and/or removable memorydevices. In some embodiments, the memory 314 can provide anon-transitory computer-readable storage medium that can store computerprogram instructions that can be executed by the processor 312. In thisregard, the memory 314 can be configured to store information, data,applications, instructions and/or the like for enabling the apparatus300 to carry out various functions in accordance with one or moreexample embodiments. In some embodiments, the memory 314 can be incommunication with one or more of the processor 312, communicationinterface 316, user interface 318, or eUICC 320 via one or more busesfor passing information among components of the apparatus 300.

The apparatus 300 can further include a communication interface 316. Thecommunication interface 316 of some example embodiments can provide awireless communication interface configured to enable the apparatus 300to send wireless signals to and receive signals from one or morewireless networks. For example, the communication interface 316 of someexample embodiments can be configured to support access to a cellularnetwork by enabling wireless communication with a cellular base station.The communication interface 316 can accordingly include one or moretransceivers and supporting hardware and/or software for enablingcommunication in accordance with one or more cellular RATs. Thecommunication interface 316 of some embodiments can further include oneor more transceivers and/or other radio components to support one ormore further wireless communication technologies, such as Wi-Fi® (e.g.,an IEEE 802.11 technology), BLUETOOTH®, and/or other wirelesscommunications technology. In some example embodiments, thecommunication interface 316 can additionally include a communicationmodem or other hardware/software for supporting communication via cable,digital subscriber line (DSL), USB, FireWire, Ethernet, one or moreoptical transmission technologies, and/or other wireline networkingmethods.

In some example embodiments, the apparatus 300 may include the userinterface 318. It will be appreciated, however, that in some exampleembodiments, one or more aspects of the user interface 318 may beomitted, and in some embodiments, the user interface 318 may be omittedentirely. The user interface 318 can be in communication with theprocessing circuitry 310 to receive an indication of a user input and/orto provide an audible, visual, mechanical, or other output to a user. Inthis manner, the user interface 318 can include, for example, akeyboard, a mouse, a joystick, a display, a touch screen display, amicrophone, a speaker, one or more biometric input devices, and/or otherinput/output mechanisms. In embodiments wherein the user interface 318comprises a touch screen display, the user interface 318 canadditionally be configured to detect and/or receive an indication of atouch and/or other movement gesture or other input to the display.

The apparatus 300 can further include the eUICC 320, which can, forexample, comprise an embodiment of the eUICC 120. The eUICC 320 canaccordingly include processing circuitry and a storage device that canbe configured to store and manage one or more eSIMs that can beprovisioned by the provisioning entity 102 in accordance with variousexample embodiments. The eUICC 320 can be configured to unpack andinstall an eSIM provisioned by the provisioning entity 102 using PKIinformation 321 in accordance with various example embodiments, such asthose illustrated in and described below with respect to FIGS. 4A-4B and5A-5B.

FIG. 4A illustrates a method 400 for establishing a secure sessionbetween a provisioning entity and an eUICC of a communication device,according to some embodiments. Specifically, the method 400 can beperformed by the provisioning entity 102 of some example embodiments.One or more of processing circuitry 210, processor 212, memory 214,communication interface 216, and eSIM preparation module 218 can, forexample, provide means for performing the operations illustrated in anddescribed with respect to FIG. 4A.

As shown in FIG. 4A, the method 400 begins at 405, where theprovisioning entity 102 receives, from a mobile device (e.g., wirelesscommunication device 106) that includes an eUICC (e.g., the eUICC 120 ofthe wireless communication device 106), a request to establish a securecommunication channel. 405 can be performed in response to determiningthat the eUICC 120 is a target to which an eSIM is to be provisioned,which can be initiated by the wireless communication device 106 and/oreUICC 120. At 410, the provisioning entity 102 authenticates the eUICC120 in accordance with the PKI information associated with and providedby the eUICC 120. Specifically, the provisioning entity 102 canauthenticate the eUICC 120 based on the public key (PK_(eUICC))possessed by the eUICC 120. The authentication can further involve, forexample, the provisioning entity 102 requiring the eUICC 120 to signdata (e.g., a random value) using the private key (SK_(eUICC))counterpart to prove that the eUICC 120 is the true owner of thePK_(eUICC) and the SK_(eUICC).

At 415, the provisioning entity 102, in conjunction with the eUICC 120,generates a session-based symmetric key (i.e., ephemeral symmetric key).In some embodiments, the provisioning server 102 can implement aCertificate Authority Security Domain (CASD) that is configured tofacilitate the generation of the session-based symmetric key utilized byeach of the provisioning entity 102 and the eUICC 120 when establishingthe secure communication channel. For example, when the provisioningentity 102 is attempting to establish the secure communication channelwith the eUICC 120, the provisioning server 102 can issue a request tothe CASD for a session-based symmetric key that is based at least on thePKI information exchanged between the provisioning entity 102 and theeUICC 120. At 420, the provisioning entity 102 stores, within a securitydomain (e.g., a protected storage area accessible to the provisioningentity 102) associated with the eUICC 120, the session-based symmetrickey. At 425, the provisioning entity 102 establishes the securecommunication channel with the eUICC 120 using the session-basedsymmetric key. In some cases, the provisioning server 102 can optionallycache (e.g., within the security domain) the session-based symmetric keyfor establishing subsequent secure communication channels with the eUICC120. Caching the session-based symmetric key by the provisioning server102 would also involve the eUICC 120 caching the session-based symmetrickey so that the subsequent secure communication channel can effectivelybe established. At 430, the provisioning entity 102 provides managementtasks to the eUICC 120 over the secure communication channel. Suchmanagement tasks can involve, for example, providing a new eSIM to beinstalled by the eUICC 120, providing an update to an eSIM (e.g.,enable/disable the eSIM, update the eSIM to a new version, etc.) managedby the eUICC 120, causing an eSIM managed by the eUICC 120 to be removedfrom the eUICC 120, and the like.

FIG. 4B illustrates a method 450 for establishing a secure sessionbetween the eUICC 120 and the provisioning entity 102, according to someembodiments. As shown, the method 450 begins at 455, where the eUICC 120issues, to the provisioning entity 102, a request to establish a securecommunication channel. At 460, the eUICC 120 authenticates theprovisioning entity 102 in accordance with the PKI information (e.g., apublic key included in the PKI information 219) associated with andprovided by the provisioning entity 102. At 465, the eUICC 120, inconjunction with the provisioning entity 102, generates a session-basedsymmetric key. In some embodiments, the eUICC 120 can implement aCertificate Authority Security Domain (CASD) that is configured tofacilitate the generation of the session-based symmetric key utilized byeach of the eUICC 120 and the provisioning entity 102 when establishingthe secure communication channel. For example, when the eUICC 120 isattempting to establish the secure communication channel with theprovisioning entity 102, the eUICC 120 can issue a request to the CASDfor a session-based symmetric key that is based at least on the PKIinformation exchanged between the eUICC 120 and the provisioning entity102.

At 470, the eUICC 120 stores, within a security domain (e.g., aprotected area of memory included in the eUICC 120) managed by the eUICC120, the session-based symmetric key. At 475, the eUICC 120 establishesthe secure communication channel with the provisioning entity 102 usingthe session-based symmetric key. In some cases, the eUICC 120 canoptionally cache the session-based symmetric key (e.g., within thesecurity domain) for establishing subsequent secure communicationchannels with the provisioning entity 102. Caching the session-basedsymmetric key at the eUICC 120 would also involve the provisioningserver 102 caching the session-based symmetric key so that thesubsequent secure communication channel can effectively be established.At 480, the eUICC 120 carries out management tasks provided by theprovisioning entity 102 over the secure communication channel.

It will be appreciated that the operations illustrated in and describedwith respect to FIGS. 4A-4B are not limited to the illustrated order. Inthis regard, various operations can be performed concurrently and/or ina different order than that illustrated in FIGS. 4A-4B.

FIG. 5A illustrates a method for establishing perfect forward security500, according to some embodiments. As shown, the method 500 begins at502, which involves the provisioning entity 102 possessing long-termkeys (SK_(server), PK_(server)) (e.g., the PKI information 219illustrated in FIG. 2). At 504, the provisioning entity 102 generatesephemeral PKI information that consists of the keys (eSK_(server),ePK_(server)). At 506, the provisioning entity 102 signs theePK_(server) using the SK_(server). At 508, the provisioning entity 102provides the signed ePK_(server) to the wireless communication device106, and receives a signed ePK_(eUICC) from the wireless communicationdevice 106 (produced at step 516 by the wireless communication device,which is described below). At 510, the provisioning entity 102 generatesa shared secret (ShS) (i.e., a session-based symmetric key) using theeSK_(server) and the signed ePK_(eUICC).

At 512, the wireless communication device 106 possesses long-term keys(SK_(eUICC), PK_(eUICC)) (e.g., the PKI information 321 illustrated inFIG. 3). At 514, the wireless communication device 106 generatesephemeral PKI information that consists of the keys (eSK_(eUICC),ePK_(eUICC)). At 516, the wireless communication device 106 signs theePK_(eUICC) using the SK_(eUICC). At 518, the wireless communicationdevice 106 provides the signed ePK_(eUICC) to the provisioning entity102, and receives the signed ePK_(server) from the provisioning entity102 (as produced at 506 described above). At 520, the wirelesscommunication device 106 generates the same ShS (i.e., session-basedsymmetric key) using the eSK_(eUICC) and the signed ePK_(server).

FIG. 5B illustrates a method for establishing half forward security 530,according to some embodiments. As shown, the method 530 begins at 532,which involves the provisioning entity 102 possessing long-term keys(SK_(server), PK_(server)) (e.g., the PKI information 219 illustrated inFIG. 2). At 534, the provisioning entity 102 generates ephemeral PKIinformation that consists of the keys (eSK_(server), ePK_(server)). At536, the provisioning entity 102 signs the ePK_(server) using theSK_(server). At 538, actor provides the signed ePK_(server) to thewireless communication device 106, and receives the PK_(eUICC) from thewireless communication device 106. At 540, the provisioning entity 102generates an ShS (i.e., session-based symmetric key) using theeSK_(server) and the PK_(eUICC).

At 542, the wireless communication device 106 possesses long-term keys(SK_(eUICC), PK_(eUICC)) (e.g., the PKI information 321 illustrated inFIG. 3). At 544, the wireless communication device 106 provides thePK_(eUICC) to the provisioning entity 102, and receives the signedePK_(server) from the provisioning entity 102 (as produced at 536,described above). At 546, the wireless communication device 106generates the shared secret (ShS) using the PK_(eUICC) and the signedePK_(server).

In sum, the techniques set forth herein provide various advantages overconventional approaches. Specifically, these techniques enable anoff-card entity and an eUICC to establish a secure communication channelover an unsecured connection, e.g., the Internet, which increases theoverall bandwidth that is available for establishing such connections.Again, this can be important at peak management times (e.g., with thelaunch of a new wireless device). These techniques also enable theparticipation of Certificate Authorities, which can provide increasedlevels of security when the off-card entity and the eUICC authenticateone another (though, as noted above, this is not required). Thesetechniques also enable session-based symmetric keys to be cached forsubsequent use, which can help reduce the overhead involved each timethe off-card entity and the eUICC need to securely communicate with oneanother. These techniques further enable perfect forward security orhalf forward security to be established, which can be a desirablefeature with respect to the privacy concerns of customers. Thesetechniques also provide the benefit of establishing ephemeral PKIinformation that is not derived using long-term PKI information, whichcan increase the difficulty involved in deriving the long-term PKIinformation even when the ephemeral PKI information is compromised.

The various aspects, embodiments, implementations or features of thedescribed embodiments can be used separately or in any combination.Various aspects of the described embodiments can be implemented bysoftware, hardware, or a combination of hardware and software. Thedescribed embodiments can also be embodied as a computer readable medium(or mediums) storing computer readable code including instructions thatcan be performed by one or more computing devices. The computer readablemedium may be associated with any data storage device that can storedata, which can thereafter be read by a computer system. Examples of thecomputer readable medium include read-only memory, random-access memory,CD-ROMs, HDDs, DVDs, magnetic tape, and optical data storage devices.The computer readable medium can also be distributed overnetwork-coupled computer systems so that the computer readable code maybe stored and executed in a distributed fashion.

In the foregoing detailed description, reference was made to theaccompanying drawings, which form a part of the description and in whichare shown, by way of illustration, specific embodiments in accordancewith the described embodiments. Although these embodiments are describedin sufficient detail to enable one skilled in the art to practice thedescribed embodiments, it is understood that these examples are notlimiting; such that other embodiments may be used, and changes may bemade without departing from the spirit and scope of the describedembodiments. For example, it will be appreciated that the ordering ofoperations illustrated in the flowcharts is non-limiting, such that theordering of two or more operations illustrated in and described withrespect to a flowchart can be changed in accordance with some exampleembodiments. As another example, it will be appreciated that in someembodiments, one or more operations illustrated in and described withrespect to a flowchart can be optional, and can be omitted.

Further, the foregoing description, for purposes of explanation, usedspecific nomenclature to provide a thorough understanding of thedescribed embodiments. However, it will be apparent to one skilled inthe art that the specific details are not required in order to practicethe described embodiments. Thus, the foregoing descriptions of specificembodiments are presented for purposes of illustration and description.The description of and examples disclosed with respect to theembodiments presented in the foregoing description are provided solelyto add context and aid in the understanding of the describedembodiments. The description is not intended to be exhaustive or tolimit the described embodiments to the precise forms disclosed. It willbe apparent to one of ordinary skill in the art that many modifications,alternative applications, and variations are possible in view of theabove teachings. In this regard, one of ordinary skill in the art willreadily appreciate that the described embodiments may be practicedwithout some or all of these specific details. Further, in someinstances, well known process steps have not been described in detail inorder to avoid unnecessarily obscuring the described embodiments.

1. (canceled)
 2. A server comprising: a processor; and a memory communicatively coupled to the processor and storing instructions that, when executed by the processor, cause the server to establish a secure connection between the server and an embedded Universal Integrated Circuit Card (eUICC) of a wireless device, wherein the eUICC is associated with a long-term eUICC public key (PK_(eUICC)) and a long-term eUICC private key (SK_(eUICC)), and wherein the server is associated with a long-term server public key (PK_(server)) and a long-term server private key (SK_(server)), by performing operations comprising: receiving, from the wireless device, a request to establish the secure connection with the wireless device, receiving, from the eUICC, public key infrastructure (PKI) information comprising a signature and PK_(eUICC), authenticating an identity of the eUICC by determining the signature is based on SK_(eUICC), generating, subsequent to the authenticating, an ephemeral server public key (ePK_(server)) and an ephemeral server private key (eSK_(server)), providing, to the wireless device, a signed ePK_(server) that is signed using SK_(server), receiving, from the wireless device, an ephemeral eUICC public key (ePK_(eUICC)) that is signed using SK_(eUICC), generating a shared symmetric key using eSK_(server) and ePK_(eUICC), and establishing the secure connection using the shared symmetric key.
 3. The server of claim 2, wherein the operations further comprise: providing, to the eUICC via the secure connection, an electronic subscriber identity module (eSIM).
 4. The server of claim 2, wherein the operations further comprise: providing, to the eUICC via the secure connection, an updated to an electronic subscriber identity module (eSIM) managed by the eUICC.
 5. The server of claim 2, wherein the operations further comprise: causing, via the secure connection, the eUICC to remove an electronic subscriber identity module (eSIM) managed by the eUICC.
 6. The server of claim 2, wherein the operations further comprise: storing, within a security domain associated with the eUICC, the shared symmetric key for establishing a different secure connection at a later time with the wireless device.
 7. A wireless device comprising: one or more antennas; an embedded Universal Integrated Circuit Card (eUICC) communicatively coupled to the one or more antennas, the eUICC comprising a processor and a memory communicatively coupled to the processor and storing instructions that, when executed by the processor, cause the eUICC to perform operations comprising: providing, to a server via the wireless device, a request to establish a secure connection with the server, wherein the server is associated with a long-term server public key (PK_(server)) and a long-term server private key (SK_(server)), providing to the server via the wireless device: (i) a signature produced using a long-term eUICC public key (PK_(eUICC)), and (ii) PK_(eUICC), authenticating the server using PK_(server), generating an ephemeral eUICC public key (ePK_(eUICC)) and an ephemeral eUICC private key (eSK_(eUICC)), providing, to the server via the wireless device, a signed ePK_(eUICC) that is signed using SK_(eUICC), receiving, from the server via the wireless device, an ephemeral server public key (ePK_(server)) that is signed using using SK_(server), generating a shared symmetric key using eSK_(eUICC) and ePK_(server), and establishing the secure connection with the server using the shared symmetric key.
 8. The wireless device of claim 7, wherein the operations further comprise: storing, within a security domain of the eUICC, the shared symmetric key for establishing a different secure connection at a later time with the server.
 9. The wireless device of claim 7, wherein the operations further comprise: receiving, from the server over the secure connection via the wireless device, an electronic subscriber identity module (eSIM).
 10. The wireless device of claim 7, wherein the operations further comprise: updating an electronic subscriber identity module (eSIM) managed by the eUICC based on an update received from the server over the secure connection via the wireless device.
 11. The wireless device of claim 7, wherein the operations further comprise: removing from the eUICC an electronic subscriber identity module (eSIM) managed by the eUICC responsive to receive of a command to remove the eSIM received from the server via the secure connection via the wireless device.
 12. The wireless device of claim 7, wherein the operations further comprise: receiving, from the server via the wireless device prior to the authenticating the server, public key infrastructure (PKI) information.
 13. The wireless device of claim 12, wherein the PKI information comprises PK_(server).
 14. The wireless device of claim 12, wherein: the PKI information comprises a certificate authority (CA) signature; and the authenticating the server comprises verifying the CA signature.
 15. An apparatus configurable for operation in a wireless device, the apparatus comprising: an embedded Universal Integrated Circuit Card (eUICC) comprising a processor and a memory communicatively coupled to the processor and storing instructions that, when executed by the processor, cause the eUICC to perform operations comprising: providing, to a server via the wireless device, a request to establish a secure connection with the server, wherein the server is associated with a long-term server public key (PK_(server)) and a long-term server private key (SK_(server)), providing to the server via the wireless device: (i) a signature produced using a long-term eUICC public key (PK_(eUICC)), and (ii) PK_(eUICC), authenticating the server using PK_(server), generating an ephemeral eUICC public key (ePK_(eUICC)) and an ephemeral eUICC private key (eSK_(eUICC)), providing, to the server via the wireless device, a signed ePK_(eUICC) that is signed using SK_(eUICC), receiving, from the server via the wireless device, an ephemeral server public key (ePK_(server)) that is signed using using SK_(server), generating a shared symmetric key using eSK_(eUICC) and ePK_(server), and establishing the secure connection with the server using the shared symmetric key.
 16. The apparatus of claim 15, wherein the operations further comprise: storing, within a security domain of the eUICC, the shared symmetric key for establishing a different secure connection at a later time with the server.
 17. The apparatus of claim 15, wherein the operations further comprise: receiving, from the server over the secure connection via the wireless device, an electronic subscriber identity module (eSIM).
 18. The apparatus of claim 15, wherein the operations further comprise: updating an electronic subscriber identity module (eSIM) managed by the eUICC based on an update received from the server over the secure connection via the wireless device.
 19. The apparatus of claim 15, wherein the operations further comprise: removing from the eUICC an electronic subscriber identity module (eSIM) managed by the eUICC responsive to receipt of a command from the server to remove the eSIM.
 20. The apparatus of claim 15, wherein the operations further comprise: receiving, from the server via the wireless device prior to the authenticating the server, public key infrastructure (PKI) information comprising PK_(server).
 21. The apparatus of claim 20, wherein: the PKI information further comprises a certificate authority (CA) signature; and the authenticating the server comprises verifying the CA signature. 